I understood your email in conjunction with your previous one. The structure of the ike and esp settings is described on the man page for ipsec.conf and on the wiki in the articles about ipsec.conf[1].
Quotes from the wiki page: ``` esp = <cipher suites> comma-separated list of ESP encryption/authentication algorithms to be used for the connection, e.g. aes128-sha256. The notation is encryption-integrity[-dhgroup][-esnmode]. ``` ``` ike = <cipher suites> comma-separated list of IKE/ISAKMP SA encryption/authentication algorithms to be used, e.g. aes128-sha256-modp3072. The notation is encryption-integrity[-prf]-dhgroup. In IKEv2, multiple algorithms and proposals may be included, such as aes128-aes256-sha1-modp3072-modp2048,3des-sha1-md5-modp1024. ``` The man page says the exact same. What do you mean with "gen my own group"? Are talking about your own private key? That is the only thing you generate by yourself. Every DH group is standardized to be interoperable between vendors. [1] https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection -------- Forwarded Message -------- Subject: Re: [strongSwan] Forward Secrecy Date: Thu, 21 Dec 2017 17:40:47 -0500 From: Colony.three <[email protected]> Reply-To: Colony.three <[email protected]> To: Noel Kuntze <[email protected]> That's a condescending response, Noel. You don't know who I am nor seem to have understood the nature of my questions. I was very specific. Sure I have gone through the docs, and of course I saw the cipher speed list <https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites>. I can decide for myself which algo suits my needs, although most others will likely be lost. /But one question is/, the *_construct_* of the cipher string /in the actual ike= variable/. Nothing anywhere, actually describes this. And again for adding the PFS DH group <http://adding the PFS DH group>. How are you supposed to actually add it if you choose to gen your own? It doesn't specifically say anywhere. Why do I gen my own group? Please respect that I have my reasons. > -------- Original Message -------- > Subject: Re: [strongSwan] Forward Secrecy > Local Time: December 21, 2017 12:45 PM > UTC Time: December 21, 2017 8:45 PM > From: [email protected] > To: Colony.three <[email protected]>, [email protected] > <[email protected]> > > strongSwan isn't software for the proletariat. As the introduction says, you > need a background in networking. Obviously, to read the introduction you have > to be able to find and read the documentation. The same is true for finding > the list of cipher keywords on the wiki, where you will find the available > ciphers, DH and HMAC keywords. > > Read the introduction and the tutorial about forwarding. VPNs are not trivial > to set up and operate securely and correctly. If you're unsure, just use > Algo[1]. > > The BLISS certificates are broken. Don't use them. > > Just use very long RSA keys (4096 bit). That gives you a good security > margin, even in post quantum computing. > > [1] https://github.com/trailofbits/algo > > On 20.12.2017 16:55, Colony.three wrote: > > I am not very happy using RSA as the cipher, since it's been cracked. > And, as any reader of Schnier knows, elliptic curve is out of the question. > ikev2 only here. I would like to use a DHE cipher, or better yet a > lattice cipher, but I can not find any evidence of how to set these. I > presume it would be part of the ike= directive, but there are no examples of > what strings to use. (I have no idea what the esp= directive pertains to) > Can anyone advise? > I notice that there is a provisional lattice cipher for StrongSwan, very > good news (though I'd have to compile SS), but unfortunately it is not > supported by the Android app. Would but that it were...
signature.asc
Description: OpenPGP digital signature
